How to add the `default-allow-http`

How do I add the default-allow-http firewall rule to a Google Compute instance in a Terraform script?

provider "google" {
    credentials = file("CREDENTIAL_FILE")
    project = "gitlab-project"
    region = var.region
}

resource "google_compute_instance" "gitlab" {
  name          = var.machine_specs.name
  machine_type  = var.machine_type.emicro
  zone          = var.zone

  boot_disk {
    initialize_params {
        image = var.machine_specs.os
        size = var.machine_specs.size
    }
  }

  network_interface {
    # A default network is created for all GCP projects
    network     = "default"
    access_config {
      nat_ip = google_compute_address.static.address
    }
  }

    // Add the SSH key
    metadata = {
        ssh-keys = "martin:${file("~/.ssh/id_rsa.pub")}"
    }

}

// A variable for extracting the external ip of the instance
output "ip" {
 value = "${google_compute_instance.gitlab.network_interface.0.access_config.0.nat_ip}"
}

resource "google_compute_address" "static" {
  name = "ipv4-address"
  address_type = "EXTERNAL"
  address = "XXX.XXX.XXX.XXX"
}

resource "google_compute_firewall" "allow-http" {
  name = "default-allow-http"
  network = 

  allow{
    protocol = "tcp"
    ports = ["80"]
  }
}



You need to add the tags ["http-server", "https-server"] to your google_compute_instance resource, as shown below:

[...]

resource "google_compute_instance" "gitlab" {
  name          = var.machine_specs.name
  machine_type  = var.machine_type.emicro
  zone          = var.zone

tags = ["http-server", "https-server"]

[...]

Just add the tags http-server and https-server to your google_cloud_instance resource. These tags can be found in the firewall settings of your GCloud console.

You can use the tags argument available in the google_compute_instance resource.

It would look like this:

resource "google_compute_instance" "gitlab" {
  name          = var.machine_specs.name
  machine_type  = var.machine_type.emicro
  zone          = var.zone

  tags = ["http-server"]

The http-server tag is used by the default-allow-http firewall rule. If you need default-allow-https, just append https-server to the tags list.

Hope this helps.
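
An added example, not part of the original question or answers: the firewall rule from the question managed in Terraform and scoped with `target_tags`, so it applies only to instances carrying the `http-server` tag instead of every instance in the network. The rule name `allow-http-tagged`, the local `http_tag`, and the machine type, zone and image values are assumptions chosen for illustration; the provider is assumed to be configured as in the question.

```hcl
# Added example, not from the original post. Values marked "assumed"
# are placeholders chosen for illustration.

locals {
  http_tag = "http-server" # tag the answers associate with default-allow-http
}

# Ingress rule for TCP/80 that applies only to instances carrying the tag.
# Without target_tags the rule would apply to every instance in the network.
resource "google_compute_firewall" "allow_http" {
  # Assumed name: a rule called default-allow-http may already exist in the
  # project, and creating a second rule with the same name would fail.
  name      = "allow-http-tagged"
  network   = "default" # same network as the instance's network_interface
  direction = "INGRESS"

  allow {
    protocol = "tcp"
    ports    = ["80"]
  }

  source_ranges = ["0.0.0.0/0"] # public web server; narrow for internal services
  target_tags   = [local.http_tag]
}

resource "google_compute_instance" "gitlab" {
  name         = "gitlab"        # assumed
  machine_type = "e2-micro"      # assumed
  zone         = "us-central1-a" # assumed

  tags = [local.http_tag] # must match target_tags above for the rule to apply

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-12" # assumed
    }
  }

  network_interface {
    network = "default"
    access_config {} # ephemeral external IP
  }
}
```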